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DETAILED ACTION 



Priority 

Receipt is acknowledged of papers submitted under 35 U.S.C. 1 19(a)-(d), which 
papers have been placed of record in the file. 

Information Disclosure Statement 
The information disclosure statement submitted on 24July2006 has been 
considered by the Examiner and made of record in the application file. 



Claim Rejections - 35 USC § 102 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

Claims 1 , 3-4, and 8-9 are rejected under 35 U.S.C. 102(b) as being anticipated 
by Vilaghy et al. ("e-business Cookbook for z/OS Volume I. Technology Introduction"). 

Consider claims 1, 8, and 9. Vilaghy et al. clearly shows and discloses a relay 
processing apparatus for relaying communications between a control program that 
generates control commands for a terminal and a process for an HTTP server program 
that returns to said terminal a command constituting an HTTP response to a HTTP 
request received from said terminal, comprising: a terminal request processor for 
initiating said control program upon the reception of a function call from said HTTP 
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server program that initially received said HTTP request from the terminal (('Web 
component tier. This tier gets client requests (HTTP,HTTPS>, analyses the requests and 
decides to respond with a file (HTML, images) or calls a program (servlet) to do some 
part of the server-side processing requested by the client. Generally the servlet acts as 
the Confro/ter (controls the whole application flow), then calls a JavaServer Page (JSP) 
to dynamically generate the HTML response (the presentation or View) to be sent back 
to the client.") page 23); and a control request processor for receiving from said control 
program a first command generated as a response to the function call, and for 
transmitting to said terminal request processor a notification that said first command has 
been received (('WebSphere manages and runs servlets and JSPs that contain the 
presentation logic to format the data coming from the back-end systems. WebSphere 
will provide a container to run Enterprise Java Beans (EJBs). This container provides 
transactional and other services. The servlets or JSPs invoke the EJBs. The EJBs 
contain the new, transactional business logic, and the servlets/JSPs should only contain 
presentation logic. The EJBs can connect to back-end systems using connectors.") 
page 67), means in the terminal request processor responsive to the reception 
notification, for returning the first command to said HTTP server program, and means in 
the HTTP server program for retuming said command to the temiinal in said HTTP 
response issued for said HTTP request (("The response created by the servlet is 
passed back to the HTTP server. The HTTP server passes back the response produced 
by the servlet to the client. If the client is a browser, the response will contain HTML 
formatted data.") page 124). 
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Consider claims 3 and 4, and as applied to claim 1 above. Vilaghy et al. shows 
and discloses means responsive to a program for shifting a processor Into a halted state 
while maintaining an execution state after a function; and means responsive to a 
notification from a processor for recovering from said halted state (("According to normal 
component-to-component communication, calls happen synchronously. This means that 
a component calls another component using the RMI-llOP procedure, and during the 
call the client or caller waits till the server or the called party finishes.") page 138) and 
returning processing control and the first command to said HTTP server program (("5. 
The response created by the servlet is then passed back to the HTTP server.") page 
124). 



Claim Rejections - 35 USC § 103 
The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 
USPQ 459 (1966), that are applied for establishing a background for determining 
obviousness under 35 U.S.C. 103(a) are summarized as follows: 

1 . Determining the scope and contents of the prior art. 

2. Ascertaining the differences between the prior art and the claims at issue. 

3. Resolving the level of ordinary skill in the pertinent art. 
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4. Considering objective evidence present in the application indicating 
obviousness or nonobviousness. 

This application currently names joint inventors. In considering patentability of 

the claims under 35 U.S.C. 103(a), the examiner presumes that the subject matter of 

the various claims was commonly owned at the time any inventions covered therein 

were made absent any evidence to the contrary. Applicant is advised of the obligation 

under 37 CFR 1 .56 to point out the inventor and invention dates of each claim that was 

not commonly owned at the time a later invention was made in order for the examiner to 

consider the applicability of 35 U.S.C. 103(c) and potential 35 U.S.C. 102(e), (f) or (g) 

prior art under 35 U.S.C. 103(a). 

Claim 2 is rejected under 35 U.S.C. 103(a) as being unpatentable over Vilaghy et 
al. ("e-business Cookbook for z/OS Volume I. Technology Introduction") in view of 
Hoffman (US 6728769 B1). 

Regarding claim 2, and as applied to claim 1 above. Vilaghy et al. shows and 
discloses a relay processing apparatus comprising means in the control request 
processor (figure 13-8, page 162) for transmitting the results from the first command to 
the control program, and means in the control program for perfomning a process 
corresponding to said results from the first command (("Aside from just formatting the 
output, servlets (read as control program) might need to talk to EJBs (read as request 
processor) to get data from databases or invoke transactions.") page 125). However, 
Vilaghy et al. falls to disclose means in the tenninal for transmitting to the HTTP server 
program a second HTTP request that includes results from the first command. Hoffman 
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discloses sending a second HTTP request that includes a flag indicating that an update 
has been successful (("Once the appropriate data has been received by the JSP 242, 
the JSP 242 directs that that WEB server 204 update the server-side data base 208 
according to the selected input. In response, the WEB server 204 sends an HTTP 
response to the applet 228 by way of the JSP 242 directing the browser 214 to update 
only an update icon 244 indicating that the server side data base 208 has been 
successfully updated. In this way, the user experiences a substantially real time 
interaction since the update icon immediately reflects the effects of the user supplied 
input data on the data base 208 without the need to refresh the entire, or even a 
substantial portion of the WEB page.") column 5 lines 60-67 and column 6 lines 1-4 ("... 
generating a second http request by the http request generator, wherein the second http 
request includes a database update successful flag indicating that the database has 
been successfully updated; sending the second http request interation applet; and 
updating the update icon only by the interaction applet indicating that the database has 
been successfully updated. ") claim 1). 

Therefore, it would have been obvious to one of ordinary skill in the art at the 
time the invention was made to incorporate sending a second HTTP request indicating 
a successful update as taught by Hoffman with a means for sending a command and 
performing a process as taught by Vilaghy et al. for the purpose of application 
verification. 
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Claim 5 is rejected under 35 U.S.C. 103(a) as being unpatentable over Vilaghy et 
al. ("e-business Cookbook for z/OS Volume I. Technology Introduction") in view of 
DevineetaL (US 6598167 B2). 

Regarding claim 5, and as applied to claim 1 above. Vilaghy et al. shows and 
discloses a relay processing apparatus wherein an HTTP failure response message is 
sent to the terminal (("The login-config element specifies the type of authentication to be 
used and any associated data, such as login and error pages for form-based 
authentication.") page 84). However, Vilaghy et al. fails to disclose a terminal request 
processor comprising means responsive to a non-receipt of said reception notification 
from said control request processor within a predetermined period of time. Devine et al. 
discloses monitoring heartbeats for a predetermined period of time and determining a 
process to be closed if the heartbeats fail to respond (("For example, a keep alive 
message is sent every predefined period, e.g., 1 minute from a client application to the 
server. When the client application fails to heartbeat consecutively for a predetermined 
period of time, for example, one hour, the server treats this client application as having 
exited by closing the application and performing cleanup routines associated with the 
application.") column 4 lines 1-7). 

Therefore, it would have been obvious to one of ordinary skill in the art at the 
time the invention was made to incorporate monitoring heartbeats for a predetemiined 
period of time as taught by Devine et al. with enror pages as taught by Vilaghy et al. for 
the purpose of event notification. 
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Claim 6 is rejected under 35 U.S.C. 103(a) as being unpatentable over Vilaghy et 
al, ("e-business Cookbook for z/OS Volume L Technology Introduction") in view of 
Perlman et al. (US 6510523 B1 ). 

Regarding claim 6, and as applied to claim 1 above. Vilaghy et al. shows and 
discloses a relay processing apparatus according to claim 1. However, Vilaghy et al. 
fails to disclose a certification request message for requesting the preparation of an 
electronic certificate that authenticates a terminal in accordance with a command 
received from a control program. Perlman et al. discloses a system wherein certificates 
are requested from a device, generated, and granted. This reads on the claimed 
"requesting the preparation of an electronic certificate that authenticates said terminal 
... in accordance with a command received from said control program ... means to 
transmit a signature addition command to said tenninal containing an electronic 
signature." (("Credentials server 120 is a device (e.g., server) connected to network 
150 that is capable of generating credentials (e.g., a private key and a public key 
certificate) trusted by one or more remote terminals. Credentials server 1 20 issues 
credentials to a user to permit privileged operations. These credentials typically include 
public key certificates.") column 4 lines 38-44 ("Having established a secure 
communications channel, the user communicates with credentials server 120 using the 
untrusted terminal. In one implementation, the user can request credentials, such as a 
private key and a public key certificate, from credentials server 120, with which the user 
is registered. Both the private key and the public key may be represented as an 
alphabetic or numeric record (e.g., a 64-bit number). Although the private key is kept 
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secret, the public key may be published. In another implementation, the private and 
public keys can be generated by the untrusted terminal. In this instance, the public key 
is sent to credentials server 120 so that it can generate a certificate for this key... In 
many public key systems, public keys are verified and access is granted based on a 
chain of certificates. With such systems, the credentials might include one or more 
certificates that complete such a chain. For instance, the credentials may include a 
chain of identity certificates to establish the name associated with a given public key. In 
addition, the credentials may include one or more delegation certificates delegating 
privileges associated with one key to another key. For Instance, the user may sign a 
delegation certificate for the credentials server, which may sign a delegation certificate 
for the untrusted terminal. Either or both of these delegation certificates may include 
limited privileges. Alternatively, the credentials server might have a copy of the user's 
private key and use this to directly sign a delegation certificate for the untrusted 
terminal.") column 5 lines 55-67 and column 6 lines 1-17). 

Therefore, it would have been obvious to one of ordinary skill in the art at the 
time the invention was made to incorporate generating an identity certificate as taught 
by Perlman et al. with a means for sending a command and performing a process as 
taught by Vilaghy et al. for the purpose of secure authentication. 

Claim 7 is rejected under 35 U.S.C. 103(a) as being unpatentable over Vilaghy et 
al. ("e-business Cookbook for z/OS Volume I. Technology Introduction") in view of 
Perlman et al. (US 6510523 B1 ) and in further view of Kanemaki et al. (US 
20020138761 Al). 
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Regarding claim 7, and as applied to claim 6 above. Vilaghy et al., as modified by 
Perlman et aL, shows and discloses an apparatus of claim 6, comprising an information 
storage unit (("Storing your e-business files on high performance storage can alleviate 
I/O bottlenecks that exist on other platforms") page 47 and Figure 3-2). However, 
Vilaghy et al., as modified by Perlman et al., fails to disclose an apparatus of claim 6, 
wherein the terminal request processor further comprises means for receiving a second 
function call containing a certification request message and an electronic signature from 
said HTTP server program as a response by the terminal to said signature addition 
command, and means for fonA^arding a notification to that effect to said control request 
processor; means in the control request processor responsive to the notification of 
receipt of the second funcfion call for transmitting said certification request message to 
said control program; and means in said terminal request processor for transmitting an 
electronic certificate received from said control program. Kanemaki et al. discloses an 
authentication system wherein a second transaction (function call) is made upon 
receiving results of signature infomiation after first transaction ((". . . authentication 
apparatus holding information relating to a first transactor and authenticating a 
transaction between said first transactor and a second transactor performed via a 
network while communicating with another authentication apparatus holding information 
relating to said second transactor, comprising a transmitting and receiving means for 
transmitting a second request including information specifying said second transactor in 
response to a first request from said first transactor including information indicating said 
transaction content and information specifying said second transactor to said second 
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authentication apparatus, receiving first signature information indicating an 
authentication result by said second authentication apparatus in response to said 
second request, transmitting a third request including information relating to said 
transaction content Included in said first request and said first signature information to 
an apparatus used by said second transactor, and receiving a predetermined reply from 
an apparatus used by said second transactor in response to the related third request, a 
storage means for storing a log of said transaction when receiving said predetermined 
reply, and a signature producing means for producing second signature information to 
be transmitted to the apparatus used by said first transactor via said transmitting and 
receiving means when receiving said predetermined reply and indicating the 
authentication result of the legitimacy of said transaction.") paragraph 0050). 

Therefore, It would have been obvious to one of ordinary skill in the art at the 
time the invention was made to Incorporate a second certification request and an 
electronic signature as taught by with a means for sending a command and perfonning 
a process as taught as taught by Vilaghy, as modified by Perlman et al., for the purpose 
of secure authentication using digital certificates. 

Conclusion 

Any response to this Office Action should be faxed to (571 ) 273-8300 or mailed 

to: 

Commissioner for Patents 
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P.O. Box 1450 
Alexandria, VA 22313-1450 
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Hand-delivered responses should be brought to 

Customer Service Window 
Randolph Building 
401 Dulany Street 
Alexandria, VA 22314 

Any inquiry concerning this communication or earlier communications from the 
Examiner should be directed to Mark Fearer whose telephone number is (571) 270- 
1770. The Examiner can normally be reached on Monday-Thursday from 7:30am to 
5:00pm. 

If attempts to reach the Examiner by telephone are unsuccessful, the Examiner's 
supervisor, Rafael Perez-Guti6rrez can be reached on (571) 272-7915. The fax phone 
number for the organization where this application or proceeding is assigned is (571) 
273-8300. 

Infomnation regarding the status of an application may be obtained from the 
Patent Application Infomiation Retrieval (PAIR) system. Status infomiation for published 
applications may be obtained from either Private PAIR or Public PAIR. Status 
information for unpublished applications is available through Private PAIR only. For 
more information about the PAIR system, see http://pair-direct.uspto.gov. Should you 
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have questions on access to the Private PAIR system, contact the Electronic Business 
Center (EBC) at 866-217-9197 (toll-free) or 571-272-4100. 

Any inquiry of a general nature or relating to the status of this application or 
proceeding should be directed to the receptionist/customer service whose telephone 
number is (571 ) 272-2600. 

Mark Fearer 
M.D.F./mdf 
May 18, 2007 




